package com.xinxing.learning.security.confing;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;

import javax.sql.DataSource;

// @Configuration
// @EnableResourceServer
public class JdbcResourceServerConfig extends ResourceServerConfigurerAdapter {
    private final DataSource dataSource;

    public JdbcResourceServerConfig(DataSource dataSource) {
        this.dataSource = dataSource;
    }

    @Bean
    public TokenStore tokenStore() {
        return new JdbcTokenStore(dataSource);
    }

    @Override
    public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
        resources.tokenStore(tokenStore());
    }

    // 携带令牌访问资源: 请求授权服务 获取令牌 访问资源服务的资源时 携带令牌
    // 完整路径: curl -H "Authorization:Bearer ff59c627-8ca2-4703-bde3-7a67ccbfe978" http://localhost:8081/hello
}
